Garantie de satisfaction à 100% Disponible immédiatement après paiement En ligne et en PDF Tu n'es attaché à rien
logo-home
Recherché précédemment par vous
Recherché précédemment par vous
logo
CISA Domain 3 Missed Questions: Information Systems Development and Implementation; Information Systems Implementation €8,36
Ajouter au panier
Accédez rapidement à
Aperçu
  2.  
  3. CISA Domain 3: Information System Development And
  4.  
  5. CISA Domain 3: Information System Development and

Examen

CISA Domain 3 Missed Questions: Information Systems Development and Implementation; Information Systems Implementation
 0 fois vendu
  • Cours
  • CISA Domain 3: Information System Development and
  • Établissement
  • CISA Domain 3: Information System Development And

CISA Domain 3 Missed Questions: Information Systems Development and Implementation; Information Systems Implementation|When auditing the proposed acquisition of a new computer system, an IS auditor should FIRST ensure that: a clear business case has been approved by management. corporate security...

[Montrer plus]

Aperçu 3 sur 23  pages

Infos sur le Document

  • 3 septembre 2024
  • 23
  • 2024/2025
  • Examen
  • Questions et réponses

Sujets

  • cisa domain 3 questions
  • cisa domain 3
  • cisa domain 3 missed questions information system

École, étude et sujet

  • CISA Domain 3: Information System Development and
  • CISA Domain 3: Information System Development and

Vendeur

avatar-seller
dennys

Avis reçus

Aperçu du contenu

, CISA Domain 3 Missed Questions: Information
Systems Development and Implementation; Information
Systems Implementation
When auditing the proposed acquisition of a new computer system, an IS auditor should
FIRST ensure that:
a clear business case has been approved by management.
corporate security standards will be met.
users will be involved in the implementation plan.
the new system will meet all required user functionality. - Ans A is the correct answer.
Justification
The first concern of an IS auditor is to ensure that the proposal meets the needs of the
business. This should be established by a clear business case.
Compliance with security standards is essential, but it is too early in the procurement pro-
cess for this to be an IS auditor's first concern.
Having users involved in the implementation process is essential, but it is too early in the
procurement process for this to be an IS auditor's first concern.
Meeting the needs of the users is essential, and this should be included in the business
case presented to management for approval.

An IS auditor reviewing a proposed application software acquisition should ensure that the:
operating system (OS) being used is compatible with the existing hardware platform.
planned OS updates have been scheduled to minimize negative impacts on company
needs.
OS has the latest versions and updates.
product is compatible with the current or planned OS. - Ans D is the correct answer.
Justification
If the OS is currently being used, it is compatible with the existing hardware platform; if it
were incompatible, it would not operate properly.
The planned OS updates should be scheduled to minimize negative impacts on the organi-
zation, but this is not an issue when considering the acquisition of new software.
The installed OS should be equipped with the most recent versions and updates (with suf-
ficient history and stability). Because this is installed, it is not a consideration at the time of
considering acquisition of a new application.
In reviewing the proposed application, the auditor should ensure that the products to be
purchased are compatible with the current or planned OS.

A company has implemented a new client-server enterprise resource planning (ERP) sys-
tem. Local branches transmit customer orders to a central manufacturing facility. Which of
the following would BEST ensure that the orders are processed accurately, and the corre-
sponding products are produced?
Verifying production of customer orders
Logging all customer orders in the ERP system
Using hash totals in the order transmitting process
Approving (production supervisor) orders prior to production - Ans A is the correct answer.
Justification
Verification of the products produced will ensure that the produced products match the or-
ders in the order system.
Logging can be used to detect inaccuracies but does not, in itself, guarantee accurate pro-
cessing.

, Hash totals will ensure accurate order transmission, but not accurate processing centrally.
Production supervisory approval is a time consuming, manual process that does not guar-
antee proper control.

Question
Once an organization has finished the business process reengineering (BPR) of all its criti-
cal operations, an IS auditor would MOST likely focus on a review of:
pre-BPR process flowcharts.
post-BPR process flowcharts.
BPR project plans.
continuous improvement and monitoring plans. - Ans B is the correct answer.
Justification
An IS auditor must review the process as it is today, not as it was in the past.
An IS auditor's task is to identify and ensure that key controls have been incorporated into
the reengineered process.
Business process reengineering (BPR) project plans are a step within a BPR project.
These are steps within a BPR project.

Which of the following will BEST ensure the successful offshore development of business
applications?
Stringent contract management practices
Detailed and correctly applied specifications
Awareness of cultural and political differences
Post-implementation review - Ans B is the correct answer.
Justification
Contract management practices, although important, will not ensure successful develop-
ment if the specifications are incorrect.
When dealing with offshore operations, it is essential that detailed specifications be cre-
ated. Language differences and a lack of interaction between developers and physically
remote end users could create gaps in communication in which assumptions and modifica-
tions may not be adequately communicated. Inaccurate specifications cannot easily be
corrected.
Cultural and political differences, although important, should not affect the delivery of a
good product.
This, although important, is too late in the process to ensure successful project delivery
and is not as pivotal to the success of the project.

During the review of a web-based software development project, an IS auditor realizes that
coding standards are not enforced, and code reviews are rarely carried out. This will
MOST likely increase the likelihood of a successful:
buffer overflow.
brute force attack.
distributed denial-of-service attack,.
war dialing attack. - Ans A is the correct answer.
Justification
Poorly written code, especially in web-based applications, is often exploited by hackers us-
ing buffer overflow techniques.
This is used to crack passwords, but this is not related to coding standards.
This floods its target with numerous packets, to prevent it from responding to legitimate re-
quests. This is not related to coding standards.
This uses modem-scanning tools to hack private branch exchanges or other telecommuni-
cations services.

Les avantages d'acheter des résumés chez Stuvia:

Qualité garantie par les avis des clients

Qualité garantie par les avis des clients

Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.

L’achat facile et rapide

L’achat facile et rapide

Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.

Focus sur l’essentiel

Focus sur l’essentiel

Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.

Foire aux questions

Qu'est-ce que j'obtiens en achetant ce document ?

Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.

Garantie de remboursement : comment ça marche ?

Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.

Auprès de qui est-ce que j'achète ce résumé ?

Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur dennys. Stuvia facilite les paiements au vendeur.

Est-ce que j'aurai un abonnement?

Non, vous n'achetez ce résumé que pour €8,36. Vous n'êtes lié à rien après votre achat.

Peut-on faire confiance à Stuvia ?

4.6 étoiles sur Google & Trustpilot (+1000 avis)

69252 résumés ont été vendus ces 30 derniers jours

Fondée en 2010, la référence pour acheter des résumés depuis déjà 15 ans

Commencez à vendre!
€8,36
  • (0)
Ajouter au panier
Ajouté